aws-sdk-guardduty 1.107.0 → 1.109.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +10 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-guardduty/client.rb +123 -7
  5. data/lib/aws-sdk-guardduty/client_api.rb +205 -0
  6. data/lib/aws-sdk-guardduty/types.rb +824 -15
  7. data/lib/aws-sdk-guardduty.rb +1 -1
  8. data/sig/types.rbs +179 -0
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 854873401858e098e0ff72c0ae6ead8441db9dbc411cd9fcfcae7cb0509e630d
4
- data.tar.gz: 64105ff6e676df62eb72baa459eff8b596ec430211850cd4d994faaff95dea64
3
+ metadata.gz: 4144b58fd8c227c46907bb8b9eb5e88b95e494b9fcb70b99aad1bb713d3883e0
4
+ data.tar.gz: c0409cefa3900a39acfb545a71dfe35d5cd6e55d8aa4a585708f4148d18ff697
5
5
  SHA512:
6
- metadata.gz: b80fb4809cdbdcada212c8a6d224a09b54dbfa92f8a41302d03e876abe20ed9b7d303a0165ddf7223bde66cebc13627063705022ff2f7e4e36a99dc82cb39c84
7
- data.tar.gz: 8ea2c700244d412f3856c6854b8c5980625730876a28a738afcaa961b0f0bf5648f89b1f0e4374eca9e6c62aa67b924a6d378d888a529cc6e1b9b31b534e9098
6
+ metadata.gz: 3cbb78cd0043cb6bae9d4019d9daa557f24cc428c9f6ee3f8838182b689c37af65e72aef8b98fae05208e19c4712b0e556bca0a498d3c9907bade325b630272e
7
+ data.tar.gz: 7c5ce7c8a2ad9a9704a04c089b8d19064e63a764d0034e9eb93f51f0e2834ce53dec7dc70ada2107fffe94d9db1d33da3cfa53f9a61f0d3afa7a22e8b8376a5e
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.109.0 (2024-12-12)
5
+ ------------------
6
+
7
+ * Feature - Improved descriptions for certain APIs.
8
+
9
+ 1.108.0 (2024-12-02)
10
+ ------------------
11
+
12
+ * Feature - Add new Multi Domain Correlation findings.
13
+
4
14
  1.107.0 (2024-11-18)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.107.0
1
+ 1.109.0
data/lib/aws-sdk-guardduty/client.rb CHANGED
@@ -740,9 +740,11 @@ module Aws::GuardDuty
740
740
  #
741
741
  # * **Medium**: `["4", "5", "6"]`
742
742
  #
743
- # * **High**: `["7", "8", "9"]`
744
- # For more information, see [Severity levels for GuardDuty
745
- # findings][2].
743
+ # * **High**: `["7", "8"]`
744
+ #
745
+ # * **Critical**: `["9", "10"]`
746
+ # For more information, see [Findings severity levels][2] in the
747
+ # *Amazon GuardDuty User Guide*.
746
748
  #
747
749
  # * type
748
750
  #
@@ -933,7 +935,7 @@ module Aws::GuardDuty
933
935
  #
934
936
  #
935
937
  # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_FindingCriteria.html
936
- # [2]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity
938
+ # [2]: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings-severity.html
937
939
  #
938
940
  # @option params [String] :client_token
939
941
  # The idempotency token for the create request.
@@ -2877,6 +2879,117 @@ module Aws::GuardDuty
2877
2879
  # resp.findings[0].service.detection.anomaly.unusual.behavior["String"]["String"].profile_subtype #=> String, one of "FREQUENT", "INFREQUENT", "UNSEEN", "RARE"
2878
2880
  # resp.findings[0].service.detection.anomaly.unusual.behavior["String"]["String"].observations.text #=> Array
2879
2881
  # resp.findings[0].service.detection.anomaly.unusual.behavior["String"]["String"].observations.text[0] #=> String
2882
+ # resp.findings[0].service.detection.sequence.uid #=> String
2883
+ # resp.findings[0].service.detection.sequence.description #=> String
2884
+ # resp.findings[0].service.detection.sequence.actors #=> Array
2885
+ # resp.findings[0].service.detection.sequence.actors[0].id #=> String
2886
+ # resp.findings[0].service.detection.sequence.actors[0].user.name #=> String
2887
+ # resp.findings[0].service.detection.sequence.actors[0].user.uid #=> String
2888
+ # resp.findings[0].service.detection.sequence.actors[0].user.type #=> String
2889
+ # resp.findings[0].service.detection.sequence.actors[0].user.credential_uid #=> String
2890
+ # resp.findings[0].service.detection.sequence.actors[0].user.account.uid #=> String
2891
+ # resp.findings[0].service.detection.sequence.actors[0].user.account.name #=> String
2892
+ # resp.findings[0].service.detection.sequence.actors[0].session.uid #=> String
2893
+ # resp.findings[0].service.detection.sequence.actors[0].session.mfa_status #=> String, one of "ENABLED", "DISABLED"
2894
+ # resp.findings[0].service.detection.sequence.actors[0].session.created_time #=> Time
2895
+ # resp.findings[0].service.detection.sequence.actors[0].session.issuer #=> String
2896
+ # resp.findings[0].service.detection.sequence.resources #=> Array
2897
+ # resp.findings[0].service.detection.sequence.resources[0].uid #=> String
2898
+ # resp.findings[0].service.detection.sequence.resources[0].name #=> String
2899
+ # resp.findings[0].service.detection.sequence.resources[0].account_id #=> String
2900
+ # resp.findings[0].service.detection.sequence.resources[0].resource_type #=> String, one of "EC2_INSTANCE", "EC2_NETWORK_INTERFACE", "S3_BUCKET", "S3_OBJECT", "ACCESS_KEY"
2901
+ # resp.findings[0].service.detection.sequence.resources[0].region #=> String
2902
+ # resp.findings[0].service.detection.sequence.resources[0].service #=> String
2903
+ # resp.findings[0].service.detection.sequence.resources[0].cloud_partition #=> String
2904
+ # resp.findings[0].service.detection.sequence.resources[0].tags #=> Array
2905
+ # resp.findings[0].service.detection.sequence.resources[0].tags[0].key #=> String
2906
+ # resp.findings[0].service.detection.sequence.resources[0].tags[0].value #=> String
2907
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.owner_id #=> String
2908
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.created_at #=> Time
2909
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.encryption_type #=> String
2910
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.encryption_key_arn #=> String
2911
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.effective_permission #=> String
2912
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.public_read_access #=> String, one of "BLOCKED", "ALLOWED"
2913
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.public_write_access #=> String, one of "BLOCKED", "ALLOWED"
2914
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_acl_access #=> String, one of "BLOCKED", "ALLOWED"
2915
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_policy_access #=> String, one of "BLOCKED", "ALLOWED"
2916
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_acl_ignore_behavior #=> String, one of "IGNORED", "NOT_IGNORED"
2917
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.account_public_access.public_bucket_restrict_behavior #=> String, one of "RESTRICTED", "NOT_RESTRICTED"
2918
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_acl_access #=> String, one of "BLOCKED", "ALLOWED"
2919
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_policy_access #=> String, one of "BLOCKED", "ALLOWED"
2920
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_acl_ignore_behavior #=> String, one of "IGNORED", "NOT_IGNORED"
2921
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.bucket_public_access.public_bucket_restrict_behavior #=> String, one of "RESTRICTED", "NOT_RESTRICTED"
2922
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.s3_object_uids #=> Array
2923
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_bucket.s3_object_uids[0] #=> String
2924
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.availability_zone #=> String
2925
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.image_description #=> String
2926
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.instance_state #=> String
2927
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.iam_instance_profile.arn #=> String
2928
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.iam_instance_profile.id #=> String
2929
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.instance_type #=> String
2930
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.outpost_arn #=> String
2931
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.platform #=> String
2932
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.product_codes #=> Array
2933
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.product_codes[0].code #=> String
2934
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.product_codes[0].product_type #=> String
2935
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.ec2_network_interface_uids #=> Array
2936
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_instance.ec2_network_interface_uids[0] #=> String
2937
+ # resp.findings[0].service.detection.sequence.resources[0].data.access_key.principal_id #=> String
2938
+ # resp.findings[0].service.detection.sequence.resources[0].data.access_key.user_name #=> String
2939
+ # resp.findings[0].service.detection.sequence.resources[0].data.access_key.user_type #=> String
2940
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.ipv_6_addresses #=> Array
2941
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.ipv_6_addresses[0] #=> String
2942
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.private_ip_addresses #=> Array
2943
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.private_ip_addresses[0].private_dns_name #=> String
2944
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.private_ip_addresses[0].private_ip_address #=> String
2945
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.public_ip #=> String
2946
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.security_groups #=> Array
2947
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.security_groups[0].group_id #=> String
2948
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.security_groups[0].group_name #=> String
2949
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.sub_net_id #=> String
2950
+ # resp.findings[0].service.detection.sequence.resources[0].data.ec2_network_interface.vpc_id #=> String
2951
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_object.etag #=> String
2952
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_object.key #=> String
2953
+ # resp.findings[0].service.detection.sequence.resources[0].data.s3_object.version_id #=> String
2954
+ # resp.findings[0].service.detection.sequence.endpoints #=> Array
2955
+ # resp.findings[0].service.detection.sequence.endpoints[0].id #=> String
2956
+ # resp.findings[0].service.detection.sequence.endpoints[0].ip #=> String
2957
+ # resp.findings[0].service.detection.sequence.endpoints[0].domain #=> String
2958
+ # resp.findings[0].service.detection.sequence.endpoints[0].port #=> Integer
2959
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.city #=> String
2960
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.country #=> String
2961
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.latitude #=> Float
2962
+ # resp.findings[0].service.detection.sequence.endpoints[0].location.longitude #=> Float
2963
+ # resp.findings[0].service.detection.sequence.endpoints[0].autonomous_system.name #=> String
2964
+ # resp.findings[0].service.detection.sequence.endpoints[0].autonomous_system.number #=> Integer
2965
+ # resp.findings[0].service.detection.sequence.endpoints[0].connection.direction #=> String, one of "INBOUND", "OUTBOUND"
2966
+ # resp.findings[0].service.detection.sequence.signals #=> Array
2967
+ # resp.findings[0].service.detection.sequence.signals[0].uid #=> String
2968
+ # resp.findings[0].service.detection.sequence.signals[0].type #=> String, one of "FINDING", "CLOUD_TRAIL", "S3_DATA_EVENTS"
2969
+ # resp.findings[0].service.detection.sequence.signals[0].description #=> String
2970
+ # resp.findings[0].service.detection.sequence.signals[0].name #=> String
2971
+ # resp.findings[0].service.detection.sequence.signals[0].created_at #=> Time
2972
+ # resp.findings[0].service.detection.sequence.signals[0].updated_at #=> Time
2973
+ # resp.findings[0].service.detection.sequence.signals[0].first_seen_at #=> Time
2974
+ # resp.findings[0].service.detection.sequence.signals[0].last_seen_at #=> Time
2975
+ # resp.findings[0].service.detection.sequence.signals[0].severity #=> Float
2976
+ # resp.findings[0].service.detection.sequence.signals[0].count #=> Integer
2977
+ # resp.findings[0].service.detection.sequence.signals[0].resource_uids #=> Array
2978
+ # resp.findings[0].service.detection.sequence.signals[0].resource_uids[0] #=> String
2979
+ # resp.findings[0].service.detection.sequence.signals[0].actor_ids #=> Array
2980
+ # resp.findings[0].service.detection.sequence.signals[0].actor_ids[0] #=> String
2981
+ # resp.findings[0].service.detection.sequence.signals[0].endpoint_ids #=> Array
2982
+ # resp.findings[0].service.detection.sequence.signals[0].endpoint_ids[0] #=> String
2983
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators #=> Array
2984
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].key #=> String, one of "SUSPICIOUS_USER_AGENT", "SUSPICIOUS_NETWORK", "MALICIOUS_IP", "TOR_IP", "ATTACK_TACTIC", "HIGH_RISK_API", "ATTACK_TECHNIQUE", "UNUSUAL_API_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_USER"
2985
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].values #=> Array
2986
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].values[0] #=> String
2987
+ # resp.findings[0].service.detection.sequence.signals[0].signal_indicators[0].title #=> String
2988
+ # resp.findings[0].service.detection.sequence.sequence_indicators #=> Array
2989
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].key #=> String, one of "SUSPICIOUS_USER_AGENT", "SUSPICIOUS_NETWORK", "MALICIOUS_IP", "TOR_IP", "ATTACK_TACTIC", "HIGH_RISK_API", "ATTACK_TECHNIQUE", "UNUSUAL_API_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_ACCOUNT", "UNUSUAL_ASN_FOR_USER"
2990
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].values #=> Array
2991
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].values[0] #=> String
2992
+ # resp.findings[0].service.detection.sequence.sequence_indicators[0].title #=> String
2880
2993
  # resp.findings[0].service.malware_scan_details.threats #=> Array
2881
2994
  # resp.findings[0].service.malware_scan_details.threats[0].name #=> String
2882
2995
  # resp.findings[0].service.malware_scan_details.threats[0].source #=> String
@@ -2887,6 +3000,7 @@ module Aws::GuardDuty
2887
3000
  # resp.findings[0].title #=> String
2888
3001
  # resp.findings[0].type #=> String
2889
3002
  # resp.findings[0].updated_at #=> String
3003
+ # resp.findings[0].associated_attack_sequence_arn #=> String
2890
3004
  #
2891
3005
  # @see http://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/GetFindings AWS API Documentation
2892
3006
  #
@@ -5216,8 +5330,10 @@ module Aws::GuardDuty
5216
5330
  # [1]: https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html
5217
5331
  #
5218
5332
  # @option params [Boolean] :auto_enable
5219
- # Represents whether or not to automatically enable member accounts in
5220
- # the organization.
5333
+ # Represents whether to automatically enable member accounts in the
5334
+ # organization. This applies to only new member accounts, not the
5335
+ # existing member accounts. When a new account joins the organization,
5336
+ # the chosen features will be enabled for them by default.
5221
5337
  #
5222
5338
  # Even though this is still supported, we recommend using
5223
5339
  # `AutoEnableOrganizationMembers` to achieve the similar results. You
@@ -5418,7 +5534,7 @@ module Aws::GuardDuty
5418
5534
  tracer: tracer
5419
5535
  )
5420
5536
  context[:gem_name] = 'aws-sdk-guardduty'
5421
- context[:gem_version] = '1.107.0'
5537
+ context[:gem_version] = '1.109.0'
5422
5538
  Seahorse::Client::Request.new(handlers, context)
5423
5539
  end
5424
5540